Is your encryption quantum-ready? Consider novel key protocols for a post-RSA future:
Now is the time to explore quantum-resistant key approaches that can future-proof your cybersecurity strategy.


Despite its mathematical complexity, encryption serves a simple purpose: to ensure only authorized parties can access protected data.

Since its introduction in the late 1970s, Rivest-Shamir-Adleman (RSA) has been a cornerstone of modern encryption. Built on the computational difficulty of factoring large numbers generated by multiplying two prime numbers, the RSA encryption algorithm has been a formidable challenge to classical computing for decades.

However, quantum computing is on the horizon, and its implications are profound. Recognizing this, the National Institute of Standards and Technology (NIST) has recommended deprecating RSA digital signature algorithms with 112 bits of security strength (e.g., 2048-bit keys) by 2030 and disallowing all RSA digital signature algorithms by 2035.

As a result, organizations are actively evaluating alternative encryption methods. Understanding how these novel approaches work — and how to select the right option for your organization — begins with a closer look at the subtle yet profound differences in key protocols.

Key exchange: the behind-the-scenes hero of encryption

If encryption methods are the engine driving secure communication, key exchange protocols are the fuel.

  • In traditional symmetric encryption, the same key is used to encrypt and decrypt data. While efficient, it poses risks if the key is intercepted.
  • In asymmetric encryption (or public key cryptography), a public key encrypts the data, and a mathematically linked private key, kept confidential by the recipient, decrypts it.

RSA, a form of asymmetric encryption, relies on the difficulty of factoring the product of two large prime numbers. While generating this product is clear-cut, reversing the process — factoring it to retrieve the original primes — is computationally infeasible for classical systems.

To illustrate this challenge, a team of researchers set a record in 2020 by factoring RSA-250, a 125-digit composite number. The effort required an estimated 2,700 core-years of processing power, distributed across tens of thousands of machines worldwide over several months. One core-year represents the continuous use of a single central processing unit (CPU) for a full year.

Why quantum computing puts pressure on encryption methods

Unlike classical computers, which process tasks sequentially, quantum systems can evaluate many possibilities simultaneously. This capability allows quantum systems to solve problems like large-number factorization at unprecedented speeds.

One of the most powerful tools in this domain is Shor’s algorithm, developed by Peter Shor in 1994. It revolutionizes the problem of factoring large numbers, not necessarily by doing it faster (though it does), but by reframing factoring as a period-finding problem that quantum computers can solve efficiently.

How Shor’s algorithm works

1. Problem transformation

Instead of factoring a large number N directly, the algorithm finds the period r of the function f(x) = a^x mod N, where a is a randomly chosen number less than N.

2. Quantum superposition

A quantum computer creates a superposition of all possible values of x, allowing it to evaluate the function f(x) for many inputs simultaneously — something classical computers cannot do.

3. Quantum Fourier transform (QFT)

The QFT is then applied to the quantum state to reveal the period r. This is a critical step because it transforms the superposition into a new state where the period r of the function becomes observable. The QFT is similar to the fast Fourier transform (FFT) in classical computing.

4. Classical post-processing

Once the period r is found, classical algorithms are used to compute the factors of N. If r is even and a^(r/2) ≠ -1 mod N, then the greatest common divisors of a^(r/2) + 1 and N yield the prime factors of N.
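The reduction in steps 1 and 4, as an added Python example that is not from the original article: a brute-force loop stands in for the quantum period-finding of steps 2 and 3, so it is only practical for tiny N. The function names and the sample moduli are constructed for illustration.

```python
from math import gcd

def find_period(a, n):
    """Smallest r > 0 with a^r = 1 (mod n), found by brute force.

    Classical stand-in for steps 2-3 (superposition + QFT); this loop is
    the part that takes exponential time without a quantum computer.
    """
    if gcd(a, n) != 1:
        raise ValueError("a must be coprime to n, otherwise no period exists")
    r, value = 1, a % n
    while value != 1:
        value = (value * a) % n
        r += 1
    return r

def factor_from_period(a, r, n):
    """Step 4: turn a period r into factors of n, or None if this a is unusable."""
    if r % 2 != 0:
        return None                      # r must be even
    half = pow(a, r // 2, n)             # a^(r/2) mod n
    if half == n - 1:
        return None                      # a^(r/2) = -1 (mod n): only trivial factors
    p = gcd(half + 1, n)
    return tuple(sorted((p, n // p)))

def shor_classical(n):
    """Try bases a = 2, 3, ... (deterministic here; the algorithm picks a at random).

    Returns (a, r, p, q) for the first base whose period yields a factorisation.
    """
    for a in range(2, n):
        if gcd(a, n) != 1:
            continue                     # a already shares a factor with n; skip it
        r = find_period(a, n)
        factors = factor_from_period(a, r, n)
        if factors:
            return (a, r) + factors
    return None

if __name__ == "__main__":
    for n in (15, 21, 3233):             # constructed toy moduli (3*5, 3*7, 53*61)
        print(n, shor_classical(n))
```

The rejected bases (odd r, or a^(r/2) = -1 mod N) are why the algorithm may need to retry with a different a.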

Why this matters for architects, engineers, and policy owners

With NIST’s timeline marking less than a decade to RSA deprecation, and Shor’s algorithm poised to upend classical encryption through efficient factorization, finding the right post-quantum cryptography is becoming increasingly important. In a recent report on data threats that surveyed 3,200 global IT security professionals, approximately 60% cited “future encryption compromise”, “secure key distribution”, and “future decryption” as their top security concerns. Another industry report found that 56% of respondents cited “data encryption” as their most urgent use case for adopting post-quantum cryptography.

These concerns appear to be well-founded. According to Gartner®, “by 2029, advances in quantum computing will make most conventional asymmetric cryptography unsafe to use.” [1] Fortunately, cryptographers are already developing quantum-resistant encryption methods that offer new ways to maintain secure communication.

Three quantum-safe methods that hold the key to encryption’s future

1. Qrypt BLAST

Developed by chief cryptographer Yevgeniy Dodis, Qrypt’s bilateral agreement symmetric transport (BLAST) protocol eliminates the need for key transmission. Instead, endpoints use Qrypt’s Digital Quantum Key Distribution (DQKD) solution to independently generate matching keys through the exchange of metadata. The solution is further bolstered by quantum random number generator (QRNG) appliances that seed the BLAST service, mitigating the risk of relying on classical sources of entropy, as recommended by NIST in NIST SP 800-90B. BLAST implementations have been built for open platforms such as strongSwan and for leading hyperscale networking hardware such as NVIDIA’s BlueField-3 DPUs.

2. CRYSTALS-Kyber

Short for a cryptographic suite for algebraic lattices, CRYSTALS-Kyber is a module-lattice-based key encapsulation mechanism (ML-KEM) designed to resist quantum attacks. Its security relies on module lattices — multi-dimensional grids formed by combining vectors and creating complex mathematical problems that are extremely difficult for both classical and quantum computers to solve.

3. Hamming quasi-cyclic (HQC)

HQC is a code-based key encapsulation mechanism based on the difficulty of decoding random linear codes. It uses quasi-cyclic codes, which can be implemented efficiently and help reduce the size of keys and ciphertexts. Like CRYSTALS-Kyber, it is a KEM, which is used over a public network as a first touchpoint between two parties that want to exchange confidential information. NIST chose this algorithm this year as a backup for ML-KEM.

Navigating the quantum future doesn’t have to be a solo journey.

Transitioning to quantum-safe encryption is complex, but SHI is here to help. SHI understands the intricacies of protecting your organization amidst today’s and tomorrow’s cyber threats. With 35 years of vendor-neutral expertise, our AI & Cyber Labs provide enterprise-grade testing environments across multi-cloud, legacy, and secure systems. Backed by 300+ technical certifications and 100+ industry credentials, SHI can help you move toward post-quantum security efficiently and confidently.

Ready to receive tailored guidance on how to future-proof your encryption? Get in touch with one of our experts to start transitioning your encryption strategy.

 

[1] Gartner, Top Strategic Technology Trends for 2025: Postquantum Cryptography, Gene Alvarez, Tom Coshow, Jasleen Kaur Sindhu, Dan Ayoub, Mark Horvath, Nick Jones, Soyeb Barot, Frank Buytendijk, Marty Resnick, Bill Ray, Sylvain Fabre, Moutusi Sau, Bart Willemsen, 21 October 2024

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
